Secured centralized public key infrastructure
First Claim
1. A system for providing public key infrastructure security in a computer network comprising:
a user terminal coupled to the computer network;
a user transaction data record assigned to the user, wherein the user transaction data record includes a raw state, an unleased state, an assigned state and a leased state, and a data element indicating a present operational state of the user transaction data record including one of the raw state, the unleased state, the assigned state and the leased state, wherein only a predetermined type of commands are allowed to be executed on the user transaction data record for each operational state;
a private key, and a public key assigned to a user for encrypting and decrypting the user transaction data record;
a database remote from the user terminal for securely storing the encrypted user transaction data record, and the private key and the public key; and
a cryptographic device remote from the user terminal and coupled to the computer network including a computer executable code to encrypt and decrypt the data in the user transaction data record utilizing the stored private key and the public key in the database, and to execute one or more of the commands that are allowed for the present state of the user transaction data record.
Abstract
An on-line value bearing item (VBI) printing system that includes one or more cryptographic modules and a central database is disclosed. The cryptographic modules are capable of implementing the USPS Information Based Indicia Program Postal Security Device Performance Criteria and other required VBI standards. The modules encipher the information stored in the central database for all of the on-line VBI system customers and are capable of preventing access to the database by unauthorized users. Additionally, the cryptographic module is capable of preventing unauthorized and undetected modification, including the unauthorized modification, substitution, insertion, and deletion of VBI related data and cryptographically critical security parameters.
Claims
21. A method for providing public key infrastructure security in a computer network comprising the steps of:
assigning a private key and a public key to a user for authenticating a user transaction data record, wherein the user transaction data record includes a raw state, an unleased state, an assigned state and a leased state, and a data element indicating a present operational state of the user transaction data record including one of the raw state, the unleased state, the assigned state and the leased state, wherein only a predetermined type of commands are allowed to be executed on the user transaction data record for each state;
storing the private key, the public key and the user transaction data record in a database remote from the user terminal;
encrypting the data in the user transaction data record assigned to the user utilizing the stored private key and the public key in the database; and
controlling the user transaction data record to execute one or more of the commands that are allowed for the present state of the user transaction data record.
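As an added illustration of the state-gated command execution that claims 1 and 21 describe (example code, not from the patent): a remote cryptographic device holds each user's key, keeps the record sealed in its database, and executes a command only when the record's present operational state allows it. The command names, the transitions between the four states, and the use of HMAC-SHA256 in place of the claims' public/private key operations are assumptions made for this example.

```python
import hashlib
import hmac
import json
import secrets

# Commands each operational state accepts, and the state each command leads to.
# Claims 1 and 21 name the four states; the command set and transitions are
# constructed for this example, the patent text does not enumerate them.
ALLOWED = {
    "raw": {"initialize"},
    "unleased": {"assign"},
    "assigned": {"lease", "unassign"},
    "leased": {"release"},
}
NEXT_STATE = {
    "initialize": "unleased", "assign": "assigned", "unassign": "unleased",
    "lease": "leased", "release": "assigned",
}


class CryptographicDevice:
    """Remote device that holds per-user keys and sealed records; the terminal
    only submits commands. HMAC-SHA256 stands in for the claims' key-pair ops."""

    def __init__(self):
        self._keys = {}  # user -> secret key (stand-in for the stored key pair)
        self._db = {}    # user -> sealed record (the remote database)

    def _seal(self, user, record):
        body = json.dumps(record, sort_keys=True).encode()
        return body + hmac.new(self._keys[user], body, hashlib.sha256).digest()

    def _open(self, user, blob):
        body, tag = blob[:-32], blob[-32:]
        expected = hmac.new(self._keys[user], body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            raise ValueError("record failed authentication")  # modification detected
        return json.loads(body)

    def create_record(self, user):
        self._keys[user] = secrets.token_bytes(32)
        self._db[user] = self._seal(user, {"user": user, "state": "raw"})

    def execute(self, user, command):
        """Apply COMMAND only if the record's present state permits it."""
        record = self._open(user, self._db[user])
        if command not in ALLOWED[record["state"]]:
            raise PermissionError(f"{command!r} not allowed in state {record['state']!r}")
        record["state"] = NEXT_STATE[command]
        self._db[user] = self._seal(user, record)
        return record["state"]
```

A record that is altered in the database outside the device fails the tag check on the next command, so the modification is detected rather than acted on.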
Specification